Linux distributions, by their nature, are freedom-respecting and very secure from outside infiltration. The weakest link is the user himself/herself; it’s always possible to accidentally download malware, click on a suspicious link from an incoming email, and become infected. You still have to exercise caution when connecting to the internet, or when leaving your hardware exposed and unprotected.
For someone who is a target of some government, the greater danger is likely to be the connections from their device to banned information or government-surveilled websites, or the emails and messages to and from the device. To gain some protection there, it’s recommended to subscribe to a trusted VPN provider and use the VPN at all times when online.
Use only trusted open-source applications, being extra cautious with any privacy and security settings, especially in the browser(s) you use. Disable telemetry, and set the browser to completely clear your history every time you exit, and disable local storage of website data. Also, be careful what data you keep on the device.
When communicating by email or messaging, use a service that provides message encryption as an option, and remember that all participants in the conversation must have encryption enabled. Some email providers automatically encrypt messages between all subscribers of their service, so this makes it easy. But remember that nothing is foolproof. It’s not impossible that an email service can be compromised. Better for private communication is an encrypted messaging app like Signal; all participants must be using it, which will automatically encrypt the messages between them with the strongest encryption protocols.
On your home network, ensure that you make your router as secure from hacking as possible. You might even want to replace its firmware with a documented third-party open-source firmware.
An additional option is to use the TAILS operating system on a USB drive.
For mobile, the best option is to switch to a Linux phone like the Librem 5 or Pinephone, but know that some functionality is still a work-in-progress with these. Another option is an Android with one of the more secure, more private custom ROMs, with only trusted, privacy-respecting applications installed. (Plus VPN, secure messaging, etc.)
Even all of the above is not a guarantee, so always act according to your risk tolerance for the expected level of danger you might face. This also assumes that your equipment is not subject to confiscation, penalties for banned software, and forensic examination by a hostile government.